SSL Certificates

The following table shows further information as well as a list of malware samples including the corresponding botnet C&C associated with the SSL certificate fingerprint bda79390acda199cd462ad56941b320d30fc8e55.

Database Entry


SHA1 Fingerprint:bda79390acda199cd462ad56941b320d30fc8e55
Certificate Common Name (CN):www.2u0rizfr.com/O=2u0rizfr./C=US
Issuer Distinguished Name (DN):www.2u0rizfr.com/O=2u0rizfr./C=US
TLS Version:TLS 1.2
First seen:2015-11-15 09:24:41 UTC
Last seen:2015-11-16 06:11:14 UTC
Status:Blacklisted
Listing reason:Gootkit C&C
Listing date:2015-11-16 08:40:02
Malware samples:3
Botnet C&Cs:1

Malware Samples


The table below documents all malware samples associated with this SSL certificate.

Timestamp (UTC)Malware Sample (MD5 hash)VTSignatureBotnet C&C (IP:port)
2015-11-16 06:11:14526b7745ea99b4cffe98969cae1a3a14n/aGootkit 89.41.173.221:80
2015-11-15 12:09:306f4ad7da349bc006283931063cf0a128Virustotal results 31/56 (55.36%) Gootkit 89.41.173.221:80
2015-11-15 09:24:41db6833ddda09d0e8f2d4529167eececaVirustotal results 16/55 (29.09%) Gootkit 89.41.173.221:80

# of entries: 3 (max: 100)